CRN

New RunC Container Runtime Security Flaw Targets Kubernetes, Docker

A security vulnerability in Docker and Kubernetes containers disclosed Monday can be used to go after any host system running containers. The vulnerability allows malicious containers to overwrite the ...
ZDNet

Doomsday Docker security hole uncovered

One of the great security fears about containers is that an attacker could infect a container with a malicious program, which could escape and attack the host system. Well, we now have a security hole ...
Bleeping Computer

RunC Vulnerability Gives Attackers Root Access on Docker, Kubernetes Hosts

A container breakout security flaw found in the runc container runtime allows malicious containers (with minimal user interaction) to overwrite the host runc binary and gain root-level code execution ...
InfoWorld

Runtime bugs break container walls, enabling root on Docker hosts

The flaws let attackers abuse masked paths, console bind-mounts, and redirected writes to escape containers and gain host privileges. Three newly disclosed high-severity bugs in the “runc” container ...
Threat Post

Major Container Security Flaw Threatens Cascading Attacks

A fundamental component of container technologies like Docker, cri-o, containerd and Kubernetes contains an important vulnerability that could cause cascading attacks. Runc, a building-block project ...
Infosecurity-magazine.com

Firms Urged to Patch Serious Container Runtime Flaw

Enterprises have been urged to patch a serious flaw in runc, the default runtime for Docker and Kubernetes, and ensure they have SELinux enabled. Aleksa Sarai — one of the maintainers for runc — made ...
Pro-Linux

Sicherheit: Mehrere Probleme in docker, runc und containerd

Plattformen: SUSE Enterprise Storage 6, SUSE CaaS Platform 4.0, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise Server for SAP 15 ...